package com.project.core.controller;

import javax.servlet.http.HttpServletRequest;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.ExcessiveAttemptsException;
import org.apache.shiro.authc.IncorrectCredentialsException;
import org.apache.shiro.authc.LockedAccountException;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.subject.Subject;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseBody;

import com.project.core.base.BaseController;

@Controller
public class TestController extends BaseController {
	@RequestMapping(value = "/test.html")
	public @ResponseBody
	Object test(Model model, HttpServletRequest request) {
		Subject subject = SecurityUtils.getSubject();
		String username = request.getParameter("username");
		String pwd = request.getParameter("password");
		UsernamePasswordToken token = new UsernamePasswordToken(username, pwd);
		try {
			subject.login(token);
		} catch (UnknownAccountException uae) {
			model.addAttribute("info", "用户名不存在系统！");
		} catch (IncorrectCredentialsException ice) {
			model.addAttribute("info", "密码错误！");
		} catch (LockedAccountException lae) {
			model.addAttribute("info", "用户已经被锁定不能登录，请与管理员联系！");
		} catch (ExcessiveAttemptsException eae) {
			model.addAttribute("info", "错误次数过多！");
		} catch (AuthenticationException ae) {
			model.addAttribute("info", "其他的登录错误！");
		}

		// 验证是否成功登录的方法
		if (subject.isAuthenticated()) {
			// 在session生命周期内有效
			System.out.println("进入isAuthenticated");
			return "/success";
		}
		return "/success";
	}
}
